Hi Rob Thanks for your suggestion. I've done the following which has got me a step closer...
I created the following symlink: sudo ln -s /usr/share/pki/server/conf/Catalina/localhost/rewrite.config /etc/pki/pki-tomcat/Catalina/localhost/rewrite.config Then edited this file: sudo vi /etc/pki/pki-tomcat/server.xml And added in this line after line 132: <Valve className="org.apache.catalina.valves.rewrite.RewriteValve"/> Ran the upgrade command: sudo ipa-server-upgrade Now when I run sudo ipa-acme-manage pruning --config-show I get the following which is different to before and sounds less bad: Certificate pruning requires random serial numbers The ipa-acme-manage command failed. I did the above on both machines. Machine A is the CA master. The health check is still showing the same errors. Anyone got any ideas why the health check is using the wrong hostname for machine B and how I can fix it? I cant figure out where its getting the wrong hostname from. The only reference I can find to wrong host names is in some old certificates which I have revoked in the web UI. -- _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
